eval-fix2.php
<?php
/*function launch_function_02($name,$args) {
if(func_num_args()>2) { $args=func_get_args(); array_shift($args); }
if(!is_array($args)) {
if(strlen($args)>0) {
$args=explode(',',$args);
}
else {
$args=array();
}
}
array_walk($args,'trim');
var_dump($name,$args);
switch($name) {
case 'die':
print('die('.implode(',',$args).')'.chr(13).chr(10));
return true;
case 'echo':
echo implode(',',$args);
return true;
case 'include':
include(implode(',',$args));
return true;
case 'require':
require(implode(',',$args));
return true;
case 'include_once':
include_once(implode(',',$args));
return true;
case 'require_once':
require_once(implode(',',$args));
return true;
case 'print':
print(implode(',',$args));
return true;
default:
break;
}
//die();
if(!function_exists($name)) {
if( array_key_exists('oServer',$GLOBALS) && $GLOBALS['oServer'] instanceof CFlxBotServer ) {
say($GLOBALS['oServer']->sMasterChan,'bot','appel d\'une fonction non existante "'.$name.'"');
return false;
}
else
print('appel d\'une fonction non existante "'.$name.'".'.chr(13).chr(10));
return false;
}
return call_user_func_array($name,&$args);
}
$GLOBALS['direct_function']='exit list extract var_dump print_r sAddServer launch_function';
$GLOBALS['forbidden_function']='die exit';
function replace_callback_02($matches) {
if(count($matches)>3) {
if(strlen($matches[3])==0) $matches[3]='NULL';
//if($matches[1]=='die') $matches[1]='print';
$forbidden_function=explode(' ',$GLOBALS['forbidden_function']);
if(in_array($matches[2],$forbidden_function)) {
$matches[2]='print';
return $matches[1].$matches[2].'('.$matches[3].')';
}
$direct_function=explode(' ',$GLOBALS['direct_function']);
//var_dump($direct_function);die();
if(in_array($matches[2],$direct_function)) {
return $matches[1].$matches[2].'('.$matches[3].')';
}
else {
return $matches[1].'launch_function_02(\''.$matches[2].'\','.$matches[3].')';
}
}
elseif(count($matches)==3) {
$forbidden_function=explode(' ',$GLOBALS['forbidden_function']);
if(in_array($matches[2],$forbidden_function)) {
$matches[2]='print';
}
return $matches[1].$matches[2];
}
else {
return $matches[0];
}
}*/
//$GLOBALS['fix-eval']=create_function('$eval_content','return preg_replace_callback(array(\'/([^a-zA-Z_\x7f-\xff])?(?<!\-\>)([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*)/\',\'/([^a-zA-Z_\x7f-\xff])?(?<!\-\>)([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*)\s*\(([^)]*)\)/\'),\'replace_callback_02\',$eval_content);');
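// Pre-filter for PHP source text. The parameter name and this file's name
// suggest the caller hands the result to eval() -- confirm at the call site.
//
// Rewrites applied to $eval_content, in order:
//   1. An `exit` or `die` token (case-insensitive), with an optional "(...)"
//      argument list, is removed when it is delimited by ';', whitespace or
//      the start/end of the string. The delimiters themselves are kept
//      (replacement '$1$4'). The argument match `.*` is greedy and does not
//      cross newlines, so it extends to the last ')' on the same line.
//   2. Every literal `$this->` becomes `$this2->` (presumably the caller
//      provides a $this2 variable in the evaluation scope -- verify).
//
// SECURITY: this is a textual denylist, not a sandbox. Only the two patterns
// above are rewritten; every other construct in the input passes through
// unchanged. Do not treat the output as safe to evaluate when the input is
// untrusted; restrict who can supply $eval_content at the caller.
//
// create_function() was deprecated in PHP 7.2 and removed in PHP 8.0, and it
// builds the function by evaluating a string. A closure keeps the same call
// syntax ($GLOBALS['fix-eval']($code), call_user_func(...)). The stored value
// is now a Closure object rather than a lambda-name string.
$GLOBALS['fix-eval'] = function ($eval_content) {
    return preg_replace(
        array('/(;|\s|^)(exit|die)(\(.*\))?(;|\s|$)/i', '/\$this->/'),
        array('$1$4', '$this2->'),
        $eval_content
    );
};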
?>